CN101605154A - System and method for confirming IP address of network device using network address translation - Google Patents


Publication number
CN101605154A
Authority
CN
China
Prior art keywords
address
network equipment
private
network
public
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CNA2009101591205A
Other languages
Chinese (zh)
Other versions
CN101605154B (en
Inventor
朱李
滕志猛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Haining Hi Tech Zone Science And Innovation Center Co ltd
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp
Priority to CN200910159120.5A
Publication of CN101605154A
Application granted
Publication of CN101605154B
Expired - Fee Related
Anticipated expiration

Abstract

Translated from Chinese

The present invention provides a system and method for confirming the IP address of a network device that uses network address translation, applied to a system comprising a core network and a private network. When the core network is to confirm the IP address of a network device in the private network: the core network sends to the private network a command to obtain the public IP address of the private network and the port mapping information of the network devices, and after receiving the command the private network sends the public IP address of the private network and the port mapping information of each network device to the core network; based on the obtained port mapping information, the core network sends to the private network a message to obtain the private IP address of one of the network devices, and after receiving that message the private network sends the private IP address of the requested network device to the core network; the core network sends to the private network a notification message containing the public IP address of the private network and the obtained private IP address of the network device.

Figure 200910159120

Description

System and method for confirming the IP address of a network device that uses network address translation
Technical field
The present invention relates to wireless cellular communication systems, and in particular to a system and method for confirming the IP address of a network device that uses NAT (Network Address Translation).
Background technology
An HNB (Home Node-B, home base station) provides 3G wireless coverage for 3G (third-generation mobile communication system) handsets in the home and connects to the existing residential broadband service. It includes the functions of a standard Node B (an element of the 3G macro radio access network) and the radio resource management functions of a standard RNC (Radio Network Controller).
Fig. 1 depicts the system architecture of the HNB. The interface between the 3GPP (3rd Generation Partnership Project) user equipment and the HNB is the backhaul and compatible air interface in the UTRAN (Universal Terrestrial Radio Access Network). The HNB accesses the operator's core network through a SeGW (security gateway); the broadband IP (Internet Protocol) backhaul between the HNB and the SeGW may be insecure. Information carried over this backhaul is protected by a secure tunnel established between the HNB and the SeGW. The SeGW performs mutual authentication with the HNB on behalf of the operator's core network. The HNB GW (HNB Gateway) is an entity in the operator's core network that is logically separate from the SeGW and is used for access control of non-CSG (Closed Subscriber Group) UEs (User Equipment). OAM (Operation, Administration and Maintenance) requires secure communication, especially when it is located outside the operator's network.
Fig. 2 depicts the system architecture of the HeNB. The HeNB (Home evolved Node-B) differs from the HNB in that the HeNB is the air interface connecting 3GPP user equipment to the EUTRAN (Evolved Universal Terrestrial Radio Access Network).
H(e)NB (Home (evolved) Node-B) is the collective term for the HNB and the HeNB.
Because of IPv4 (Internet Protocol version 4) address exhaustion, the expansion of the IPv4 address space has attracted growing attention. H(e)NBs are devices that connect over wired links and are being deployed in increasing numbers, so their demand for IP (Internet Protocol) addresses is also growing. Using NAT to address IPv4 address exhaustion is widely accepted. NAT traversal has demonstrated its ability to improve network configuration, and NAT has effectively expanded the number of available IP addresses.
Although NAT is widely used, the problems it introduces persist in practice. NAT uses NAT boxes to interconnect local networks; these local networks contain many private IP addresses and are separated from the public network. The problem of blocked communication between nodes behind different private networks is called UNSAF (UNilateral Self-Address Fixing) across NAT. UNSAF across NAT is a specific problem that must be analyzed in order to solve the communication procedure of H(e)NBs that use NAT.
Fig. 3 depicts the connection procedure of two network devices in different private networks. In this figure, network device 1 and network device 3 belong to two different private networks, and each device's NAT prevents it from directly initiating a connection to the other. Before they can connect to each other, each must establish its own connection with the server. Through these connections, the UNSAF server can obtain each device's address in its private network. A network device can then begin to set up a connection with the other network device using that device's address and port number as obtained by the UNSAF server.
When a network device initiates communication, a side effect is that an address binding is created in the NAT device and an address is allocated outside the scope of the NAT box. In addition, because all ongoing data exchanges depend on the address mapping path stored in the NAT box, if the NAT box is destroyed, all existing connection state is interrupted, and data exchange between internal and external network devices must be restarted.
The use of NAT departs from the original IP principle that an IP packet is guaranteed to be delivered to its destination address as long as any physical connection exists between the source address and the destination address. More importantly, because NAT changes the IP addresses carried in IP packets, all protocols that depend on IP addresses are affected. The practical problems caused by the differing implementations of different NAT boxes, and the effect of UNSAF's structural problems on UNSAF systems, are described in detail in RFC 3424 and remain to be solved.
Moreover, an address mapping path is established only when the internal network device initiates the first connection. Because no communication has been initiated before the UNSAF server, no NAT binding has been established, yet connections from the outside still need to be received.
An IP address confirmation mechanism for network devices that use NAT is therefore needed to complete such a binding before communication begins. Furthermore, the applications of the H(e)NB require an H(e)NB that uses NAT to support multimedia transmission, and multimedia information must be transmitted to the correct destination address. The relevant specifications currently provide no solution for confirming the IP address of an H(e)NB that uses NAT. In summary, accurate message transmission is impossible without the correct IP address; given the large-scale use of H(e)NBs and the breadth and versatility of their applications, a sound H(e)NB IP address confirmation mechanism is needed to support connection establishment and multimedia transmission for H(e)NBs that use NAT.
Summary of the invention
The technical problem to be solved by the present invention is to provide a system and method for confirming the IP address of a network device that uses network address translation, which solves the problems and inconvenience that NAT causes for conventional network devices in practical use and facilitates connection establishment and multimedia transmission for network devices that use NAT.
To solve the above problem, the present invention provides a method for confirming the IP address of a network device that uses network address translation (NAT), applied to a system comprising a core network and a private network. When the core network is to confirm the IP address of a network device in the private network, the method comprises the following steps:
The core network sends to the private network a command to obtain the public IP address of the private network and the port mapping information of the network devices; after receiving the command, the private network sends the public IP address of the private network and the port mapping information of each network device to the core network;
Based on the obtained port mapping information, the core network sends to the private network a message to obtain the private IP address of one of the network devices; after receiving that message, the private network sends the private IP address of the requested network device to the core network;
The core network sends to the private network a notification message containing the public IP address of the private network and the obtained private IP address of the network device.
Further, the private network comprises an auxiliary node and a security gateway;
The command to obtain the public IP address of the private network and the port mapping information of the network devices is sent to the auxiliary node. After receiving the command, the auxiliary node obtains from the security gateway the public IP address of the private network and the port mapping information of each network device in the private network, and sends them to the core network.
Further, the message to obtain the network device's private IP address contains the port mapping information of that network device and is sent to the security gateway;
After receiving the message, the security gateway swaps the network device's NAT port number for its local port number and then forwards the message to the network device. After receiving it, the network device sends to the security gateway a message containing its private IP address and port mapping information. On receiving that message, the security gateway swaps the network device's local port number for its NAT port number and then forwards the message to the core network.
Further, the notification message indicates to the network device that it can carry out message transmission based on the private IP address and the public IP address, and the notification message is forwarded to the network device through the security gateway of the private network.
Further, the method is applicable to confirming the IP address of a network device that uses NAT within the framework of a Universal Mobile Telephone System network and an Evolved Packet System network.
Further, IP address confirmation of the network device fails if any of the following occurs:
(a) the auxiliary node fails to obtain the public IP address of the private network or the port mapping information of each network device;
(b) the security gateway fails to swap the network device's NAT port number and local port number;
(c) the security gateway fails to forward the notification message to the network device;
In case (a), the auxiliary node also sends to the core network the reason it failed to obtain the public IP address of the private network or the port mapping information of each network device;
In case (b), the security gateway also sends to the core network the reason the swap of the network device's NAT port number and local port number failed;
In case (c), the security gateway also sends to the core network the reason it failed to forward the notification message to the network device.
The present invention also provides a system for confirming the IP address of a network device that uses network address translation (NAT), comprising a core network and a private network;
The core network is configured to send to the private network a command to obtain the public IP address of the private network and the port mapping information of the network devices, and to send to the private network, based on the obtained port mapping information, a message to obtain a network device's private IP address; after obtaining the public IP address of the private network and the private IP address of the network device, the core network is further configured to send to the private network a notification message containing both addresses;
The private network is configured to send the public IP address of the private network and the port mapping information of each network device to the core network after receiving the command, and to send the private IP address of the network device to the core network after receiving the message to obtain the network device's private IP address.
Further, the core network comprises a public IP address acquisition module;
The private network comprises an auxiliary node, a security gateway and one or more network devices;
The public IP address acquisition module is configured to send to the auxiliary node the command to obtain the public IP address of the private network and the port mapping information of the network devices;
The auxiliary node is configured, after receiving the command, to obtain from the security gateway the public IP address of the private network and the port mapping information of each network device, and to send them to the core network;
The security gateway is configured to store the public IP address of the private network in which it is located and the port mapping information of each network device.
Further, the core network also comprises a private IP address acquisition module, configured to send to the security gateway the message to obtain a network device's private IP address; this message contains the port mapping information of that network device;
The security gateway is further configured, after receiving the message to obtain the network device's private IP address, to swap the network device's NAT port number for its local port number and forward the message to the network device; and, after receiving the message containing the network device's private IP address and port mapping information, to swap the network device's local port number for its NAT port number and forward that message to the core network;
The network device is configured, after receiving the message to obtain its private IP address, to send to the security gateway a message containing its private IP address and port mapping information.
Further, the core network also comprises a notification module, configured to send the notification message to the security gateway; the notification message indicates to the network device that it can carry out message transmission based on the private IP address and the public IP address;
The security gateway is further configured to forward the notification message to the network device.
Further, IP address confirmation of the network device fails if any of the following occurs:
(a) the auxiliary node fails to obtain the public IP address of the private network or the port mapping information of each network device;
(b) the security gateway fails to swap the network device's NAT port number and local port number;
(c) the security gateway fails to forward the notification message to the network device;
The auxiliary node is further configured, in case (a), to send to the core network the reason it failed to obtain the public IP address of the private network or the port mapping information of each network device;
The security gateway is further configured, in case (b), to send to the core network the reason the swap of the network device's NAT port number and local port number failed;
The security gateway is further configured, in case (c), to send to the core network the reason it failed to forward the notification message to the network device.
In summary, the present invention provides a system and method for confirming the IP address of a network device that uses network address translation. It facilitates connection establishment and multimedia transmission for network devices that use NAT, and solves the UNSAF across NAT problem described in RFC 3424 that arises when network devices use NAT, as well as the various inconveniences that NAT causes for network devices in practice. It also increases the breadth and versatility of network device applications, and ensures the large-scale use of network devices and their accurate message transmission based on correct IP addresses.
The present invention is applicable to confirming the IP address of a network device that uses NAT within the framework of a UMTS (Universal Mobile Telephone System) network and an EPS (Evolved Packet System) network.
Description of drawings
Fig. 1 is the system architecture of the HNB;
Fig. 2 is the system architecture of the HeNB;
Fig. 3 is the connection procedure, through NAT, of two network devices in different private networks;
Fig. 4 is an embodiment of the method of the invention in which IP address confirmation of a network device that uses NAT succeeds;
Fig. 5 is embodiment one of the method of the invention in which IP address confirmation of a network device that uses NAT fails;
Fig. 6 is embodiment two of the method of the invention in which IP address confirmation of a network device that uses NAT fails;
Fig. 7 is embodiment three of the method of the invention in which IP address confirmation of a network device that uses NAT fails.
Embodiment
To meet the need of network devices that use NAT (including H(e)NBs and the like) to establish connections and carry out multimedia transmission correctly, the present invention provides the following system and method for confirming the IP address of a network device that uses NAT (including H(e)NBs and the like).
The present invention provides a system for confirming the IP address of a network device that uses network address translation (NAT), comprising a CN (Core Network) and a private network;
The CN is configured to send to the private network a command to obtain the public IP address of the private network and the port mapping information of the network devices; the CN is also configured to send to the private network, based on the obtained port mapping information, a message to obtain a network device's private IP address; after obtaining the public IP address of the private network and the private IP address of the network device, the CN is further configured to send to the private network a notification message containing both addresses;
The private network is configured to send the public IP address of the private network and the port mapping information of each network device to the CN after receiving the above command, and to send the private IP address of the network device to the CN after receiving the message to obtain the network device's private IP address.
The CN comprises a public IP address acquisition module, a private IP address acquisition module and a notification module; the private network comprises one or more network devices (such as H(e)NBs), an HN (Helper Node, auxiliary node) and a SeGW;
The public IP address acquisition module is configured to send to the HN the command to obtain the public IP address of the private network and the port mapping information of the network devices; and, after receiving the public IP address of the private network and the port mapping information of the network devices, to send to the private network a message indicating that the port mapping information was obtained successfully;
The private IP address acquisition module is configured to send to the SeGW the message to obtain a network device's private IP address; this message contains the port mapping information of that network device;
The notification module is configured to send to the SeGW a notification message containing the public IP address of the private network and the private IP address of the network device; the notification message indicates to the network device that it can carry out message transmission based on this private IP address and public IP address.
The HN is configured, after receiving the command to obtain the public IP address of the private network and the port mapping information of the network devices, to obtain from the SeGW the public IP address of the private network and the port mapping information of each network device, and to send them to the CN;
The SeGW is configured to store the public IP address of the private network in which it is located and the port mapping information of each network device; after receiving the message to obtain a network device's private IP address, to swap that network device's NAT port number for its local port number and forward the message to the network device; after receiving the message containing the network device's private IP address, to swap the network device's local port number for its NAT port number and forward that message to the CN; and to forward the notification message it receives to the network device.
The network device is configured, after receiving the message to obtain its private IP address, to send to the SeGW a message containing its private IP address; this message also contains the port mapping information of the network device.
The CN may send the above command to obtain the public IP address of the private network and the port mapping information of the network devices via, but not limited to, SIP (Session Initiation Protocol), HTTP and the like; the present invention places no restriction on this.
IP address confirmation of the network device fails if any of the following occurs:
(a) the CN fails to obtain the public IP address of the private network or the port mapping information of each network device;
(b) the SeGW fails to swap the network device's NAT port number and local port number;
(c) the SeGW fails to forward the above notification message to the network device.
The HN is further configured, in case (a), to send to the CN the reason for the failure to obtain the public IP address of the private network or the port mapping information of each network device;
The SeGW is further configured, in case (b), to send to the CN the reason the swap of the network device's NAT port number and local port number failed;
The SeGW is further configured, in case (c), to send to the CN the reason it failed to forward the above notification message to the network device.
The method of the invention is described in detail below with reference to the accompanying drawings.
With reference to Fig. 4, the embodiment in which IP address confirmation of a network device that uses NAT succeeds is described as follows:
Step 401: The CN sends to the HN (Helper Node, auxiliary node) of the private network a command to obtain the public IP address of the private network and the port mapping information of the network devices (including H(e)NBs and the like) located in the private network.
The HN may be located in the private network or in the SeGW.
Step 402: After receiving the command, the HN successfully obtains, from the SeGW of the private network to which it belongs, the public IP address of the private network and the port mapping information of each network device in the private network; the port mapping information comprises the binding between each network device's unique NAT port number and its corresponding local port number.
Step 403: The HN sends the public IP address of the private network and the port mapping information of each network device to the CN.
Step 404: After successfully receiving the public IP address of the private network and the port mapping information of each network device in the HN's reply, the CN sends to the HN a message indicating that the port mapping information was obtained successfully.
Step 405: The CN sends to the SeGW of the private network a message to obtain the private IP address of a particular network device. The message contains the port mapping information of that network device, and its destination address is the public IP address of the private network in which the network device is located together with the network device's NAT port number.
Step 406: After receiving the message to obtain the network device's private IP address, the SeGW swaps the NAT port number for the network device's local port number according to the port mapping information of that network device;
Step 407: Using the local port number obtained from the swap, the SeGW forwards the message to obtain the network device's private IP address to the network device; the message contains the port mapping information of the network device;
Step 408: After receiving this message, the network device sends to the SeGW a message containing its private IP address and port mapping information. The destination address of this message is the SeGW's private IP address in the private network and its local port number, and the source address is the network device's private IP address in the private network and its local port number.
Step 409: The SeGW swaps the network device's local port number for its NAT port number according to the port mapping information of the network device;
Step 410: The SeGW forwards the received message to the CN; the source address of this message is the public IP address of the private network in which the network device is located together with the network device's NAT port number.
Step 411: After receiving the message containing the network device's private IP address and port mapping information, the CN places the private IP address of the network device and the public IP address of the private network in which the device is located into a notification message; the notification message indicates to the network device that it can carry out message transmission based on the above private IP address and public IP address;
Step 412: The CN sends the above notification message, which contains the private IP address of the network device and the public IP address of the private network in which the device is located;
Step 413: The SeGW forwards the received notification message to the network device.
Step 414: Multimedia transmission between the network device and the CN is carried out according to the private IP address of the network device and the public IP address of the private network in which it is located.
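The successful exchange of steps 401 to 414, together with failure cases (a) to (c), as an added Python simulation; it is not code from the patent. Class, method and message field names are hypothetical, the addresses and port numbers are constructed, and the rule that the port swap fails when the binding quoted by the CN no longer matches the SeGW's stored binding is an assumption, since the text does not say what causes a swap failure.

```python
from dataclasses import dataclass, field
from typing import Optional

class ConfirmationFailure(Exception):
    """One of the failure cases (a), (b), (c), with the cause reported to the CN."""
    def __init__(self, case, cause):
        super().__init__(f"case ({case}): {cause}")
        self.case, self.cause = case, cause

@dataclass
class Device:
    private_ip: str
    local_port: int
    reachable: bool = True
    confirmed: Optional[tuple] = None   # (private IP, public IP) after step 413

    def on_get_private_ip(self, mapping):
        # Step 408: the reply is sourced from the private address and local port.
        return {"src": (self.private_ip, self.local_port),
                "private_ip": self.private_ip, "mapping": mapping}

@dataclass
class SeGW:
    public_ip: Optional[str]
    bindings: dict = field(default_factory=dict)   # NAT port -> local port
    devices: dict = field(default_factory=dict)    # local port -> Device

    def attach(self, nat_port, device):
        self.bindings[nat_port] = device.local_port
        self.devices[device.local_port] = device

    def relay_request(self, msg):
        # Step 406: swap NAT port -> local port. Assumption: the swap fails when
        # the binding quoted by the CN no longer matches the stored one.
        nat_port, claimed_local = msg["mapping"]
        local = self.bindings.get(nat_port)
        if local is None or local != claimed_local:
            raise ConfirmationFailure("b", f"no matching binding for NAT port {nat_port}")
        reply = self.devices[local].on_get_private_ip(msg["mapping"])  # steps 407-408
        # Steps 409-410: swap local port -> NAT port; the CN sees the public address.
        reply["src"] = (self.public_ip, nat_port)
        return reply

    def relay_notification(self, nat_port, note):
        # Step 413; failure case (c) when the device cannot be reached.
        device = self.devices[self.bindings[nat_port]]
        if not device.reachable:
            raise ConfirmationFailure("c", "notification not delivered to device")
        device.confirmed = (note["private_ip"], note["public_ip"])

@dataclass
class HelperNode:
    segw: SeGW

    def query(self):
        # Steps 402-403; failure case (a) when the SeGW cannot supply the data.
        if not self.segw.public_ip or not self.segw.bindings:
            raise ConfirmationFailure("a", "public IP or port mappings unavailable")
        return self.segw.public_ip, dict(self.segw.bindings)

@dataclass
class CoreNetwork:
    public_ip: Optional[str] = None
    mappings: dict = field(default_factory=dict)

    def fetch(self, hn):
        # Steps 401-404: learn the public IP and every NAT/local port binding.
        self.public_ip, self.mappings = hn.query()

    def confirm(self, segw, nat_port):
        # Step 405: addressed to (public IP, NAT port), carrying the binding.
        mapping = (nat_port, self.mappings[nat_port])
        reply = segw.relay_request({"dst": (self.public_ip, nat_port), "mapping": mapping})
        # Steps 411-412: notification holding both addresses.
        note = {"private_ip": reply["private_ip"], "public_ip": self.public_ip}
        segw.relay_notification(nat_port, note)
        return note

def run_scenario(public_ip="203.0.113.10", rebind=False, reachable=True):
    """Run one exchange on constructed data; return the notification or the failure case."""
    segw = SeGW(public_ip)
    device = Device("192.168.1.20", 5060, reachable=reachable)
    segw.attach(40001, device)
    cn = CoreNetwork()
    try:
        cn.fetch(HelperNode(segw))
        if rebind:                       # binding changes after the CN fetched it
            segw.bindings[40001] = 6000
        return cn.confirm(segw, 40001)
    except ConfirmationFailure as exc:
        return exc.case

if __name__ == "__main__":
    for kwargs in ({}, {"public_ip": None}, {"rebind": True}, {"reachable": False}):
        print(kwargs, "->", run_scenario(**kwargs))
```

The `rebind` scenario shows why the binding travels with the request: a NAT port that has been remapped since step 403 is rejected at step 406 instead of being forwarded to whichever device now holds that port.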
With reference to Fig. 5, embodiment one of a failed IP address confirmation for network equipment using NAT:
Step 501: CN sends the HN (Helper Node, auxiliary node) of the private network a command to obtain the public IP address of the private network and the port mapping information of the network equipment located in it (including H(e)NB, etc.).
HN may be located in the private network or in SeGW.
Step 502: After receiving this command, HN fails to obtain, from the SeGW of the private network to which it belongs, the public IP address of the private network or the port mapping information of the network equipment in it. The port mapping information comprises, for each network equipment, the binding between its unique NAT port number and the corresponding local port number.
Step 503: HN sends CN the reason why it failed to obtain, from the SeGW of the private network to which it belongs, the public IP address of the private network or the port mapping information of the network equipment located in it. The IP address confirmation of the network equipment using NAT fails.
With reference to Fig. 6, embodiment two of a failed IP address confirmation for network equipment using NAT:
Step 601: CN sends the HN (Helper Node, auxiliary node) of the private network a command to obtain the public IP address of the private network and the port mapping information of the network equipment located in it (including H(e)NB, etc.).
HN may be located in the private network or in SeGW.
Step 602: After receiving this command, HN successfully obtains, from the SeGW of the private network to which it belongs, the public IP address of the private network and the port mapping information of the network equipment located in it. The port mapping information comprises, for each network equipment, the binding between its unique NAT port number and the corresponding local port number.
Step 603: HN sends CN the public IP address of the private network and the port mapping information of each network equipment.
Step 604: After successfully receiving the public IP address and port mapping information of the private network returned by HN, CN sends HN a message indicating that the port mapping information was obtained successfully.
Step 605: CN sends the SeGW of the private network a message to obtain the private IP address of the network equipment. This message contains the port mapping information of the network equipment, and its destination address is the public IP address of the private network in which the network equipment is located together with the NAT port number of the network equipment.
Step 606: SeGW fails to complete the swap between the NAT port number and the local port number of the network equipment.
Step 607: SeGW sends CN the reason why it failed to complete the swap between the NAT port number and the local port number of the network equipment. The IP address confirmation of the network equipment using NAT fails.
With reference to Fig. 7, embodiment three of a failed IP address confirmation for network equipment using NAT:
Step 701: CN sends the HN (Helper Node, auxiliary node) of the private network a command to obtain the public IP address of the private network and the port mapping information of the network equipment located in it (including H(e)NB, etc.).
HN may be located in the private network or in SeGW.
Step 702: After receiving this command, HN successfully obtains, from the SeGW of the private network to which it belongs, the public IP address of the private network and the port mapping information of each network equipment located in it. The port mapping information comprises, for each network equipment, the binding between its unique NAT port number and the corresponding local port number.
Step 703: HN sends CN the public IP address of the private network and the port mapping information of each network equipment.
Step 704: After successfully receiving the public IP address and port mapping information of the private network returned by HN, CN sends HN a message indicating that the port mapping information was obtained successfully.
Step 705: CN sends the SeGW of the private network a message to obtain the private IP address of the network equipment. This message contains the port mapping information of the network equipment, and its destination address is the public IP address of the private network in which the network equipment is located together with the NAT port number of the network equipment.
Step 706: SeGW swaps the NAT port number of the network equipment for its local port number according to the port mapping information of the network equipment.
Step 707: Using the local port number obtained from the swap, SeGW forwards the message to obtain the private IP address to the network equipment; the forwarded message contains the port mapping information of the network equipment.
Step 708: After receiving the above message, the network equipment sends SeGW a message containing its private IP address and port mapping information. The destination address of this message is the private IP address of SeGW in the private network together with SeGW's local port number; the source address is the private IP address of the network equipment in the private network together with its local port number.
Step 709: SeGW swaps the local port number of the network equipment for its NAT port number according to the port mapping information of the network equipment.
Step 710: SeGW forwards the received message to CN. The source address of this message is the public IP address of the private network in which the network equipment is located together with the NAT port number of the network equipment.
Step 711: After receiving the message containing the private IP address and port mapping information of the network equipment, CN places the private IP address of the network equipment and the public IP address of the private network in which it is located into a notification message. The notification message indicates to the network equipment that it (this network equipment) carries out message transmission based on the above private IP address and public IP address.
Step 712: CN sends the above notification message to SeGW; it contains the private IP address of the network equipment and the public IP address of the private network in which it is located.
Step 713: SeGW fails to forward the notification message to the network equipment.
Step 714: SeGW sends CN the reason why it failed to forward the notification message to the network equipment. The IP address confirmation of the network equipment using NAT fails.
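The successful flow and the three failure embodiments above can be walked through in a short simulation. This is an added example, not code from the patent; the class names, the `reachable` and `hn_ok` switches, and all addresses and port numbers are constructed assumptions.

```python
from dataclasses import dataclass, field
from typing import Optional


class ConfirmationFailure(Exception):
    """Failure whose reason the failing node reports back to CN."""
    def __init__(self, node: str, reason: str):
        super().__init__(f"{node}: {reason}")
        self.node, self.reason = node, reason


@dataclass
class Device:
    private_ip: str
    local_port: int
    reachable: bool = True              # constructed switch to force case (c)
    confirmed: Optional[tuple] = None   # (private IP, public IP) once notified


@dataclass
class SeGW:
    public_ip: str
    bindings: dict = field(default_factory=dict)   # NAT port -> Device

    def port_mapping(self) -> dict:
        """Binding of each device's unique NAT port to its local port."""
        return {nat: dev.local_port for nat, dev in self.bindings.items()}

    def nat_to_local(self, nat_port: int) -> Device:
        if nat_port not in self.bindings:
            raise ConfirmationFailure("SeGW", f"no local port bound to NAT port {nat_port}")
        return self.bindings[nat_port]

    def local_to_nat(self, private_ip: str, local_port: int) -> int:
        for nat, dev in self.bindings.items():
            if (dev.private_ip, dev.local_port) == (private_ip, local_port):
                return nat
        raise ConfirmationFailure("SeGW", f"no NAT port bound to {private_ip}:{local_port}")

    def forward_notification(self, dev: Device, note: tuple) -> None:
        if not dev.reachable:
            raise ConfirmationFailure("SeGW", "notification could not be forwarded")
        dev.confirmed = note


def confirm_ip(segw: SeGW, nat_port: int, hn_ok: bool = True) -> dict:
    """Run one confirmation from CN's point of view and return its outcome."""
    try:
        # CN -> HN -> SeGW: public IP and port mapping (failure case a).
        if not hn_ok:
            raise ConfirmationFailure("HN", "public IP / port mapping not obtained from SeGW")
        public_ip, mapping = segw.public_ip, segw.port_mapping()
        # CN addresses the request to (public IP, NAT port); SeGW swaps the
        # NAT port for the local port (failure case b) and forwards it.
        dev = segw.nat_to_local(nat_port)
        # Device replies from (private IP, local port); SeGW swaps back so
        # CN sees the source as (public IP, NAT port).
        source = (public_ip, segw.local_to_nat(dev.private_ip, dev.local_port))
        # CN builds the notification; SeGW forwards it (failure case c).
        note = (dev.private_ip, public_ip)
        segw.forward_notification(dev, note)
        return {"ok": True, "mapping": mapping, "source_seen_by_cn": source,
                "notified": note}
    except ConfirmationFailure as exc:
        return {"ok": False, "node": exc.node, "reason": exc.reason}


def demo() -> dict:
    """Constructed scenario: two devices sharing local port 5000 behind one SeGW."""
    a = Device("192.168.1.10", 5000)
    b = Device("192.168.1.11", 5000, reachable=False)
    segw = SeGW("203.0.113.7", {40001: a, 40002: b})
    return {
        "success": confirm_ip(segw, 40001),
        "case_a": confirm_ip(segw, 40001, hn_ok=False),
        "case_b": confirm_ip(segw, 49999),
        "case_c": confirm_ip(segw, 40002),
    }
```

Both constructed devices use local port 5000, so only the unique NAT port in the binding lets SeGW tell them apart when CN addresses the public IP address.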

Claims (11)

1. An IP address confirmation method for network equipment using network address translation (NAT), applied to a system comprising a core network and a private network, wherein, when the core network is to perform IP address confirmation on network equipment in the private network, the method comprises the following steps:
The core network sends the private network a command to obtain the public IP address of the private network and the port mapping information of the network equipment; after receiving the command, the private network sends the core network the public IP address of the private network and the port mapping information of each network equipment;
The core network, according to the obtained port mapping information of the network equipment, sends the private network a message to obtain the private IP address of one of the network equipment; after receiving the message to obtain the private IP address, the private network sends the core network the private IP address of the requested network equipment;
The core network sends the private network a notification message containing the public IP address of the private network and the obtained private IP address of the network equipment.
2. The method of claim 1, characterized in that:
The private network comprises an auxiliary node and a security gateway;
The command to obtain the public IP address of the private network and the port mapping information of the network equipment is sent to the auxiliary node; after receiving the command, the auxiliary node obtains from the security gateway the public IP address of the private network and the port mapping information of each network equipment in the private network, and sends the public IP address of the private network and the port mapping information of each network equipment in the private network to the core network.
3. The method of claim 2, characterized in that:
The message to obtain the private IP address of the network equipment contains the port mapping information of the network equipment and is sent to the security gateway;
After receiving the message, the security gateway swaps the NAT port number of the network equipment for its local port number and then forwards the message to obtain the private IP address to the network equipment; after receiving the message, the network equipment sends the security gateway a message containing its private IP address and port mapping information; after receiving the message containing the private IP address and port mapping information of the network equipment, the security gateway swaps the local port number of the network equipment for its NAT port number and then forwards this message to the core network.
4. The method of claim 2, characterized in that:
The notification message indicates to the network equipment that it can carry out message transmission based on the private IP address and the public IP address, and the notification message is forwarded to the network equipment through the security gateway of the private network.
5. The method of claim 2, characterized in that:
The method is applicable to IP address confirmation of network equipment using NAT within the architecture of a global radio telephone system network and an evolved packet system network.
6. The method of claim 2, 3 or 4, characterized in that:
If any of the following situations occurs, the IP address confirmation of the network equipment fails:
(a) the auxiliary node fails to obtain the public IP address of the private network or the port mapping information of each network equipment;
(b) the security gateway fails to swap the NAT port number and the local port number of the network equipment;
(c) the security gateway fails to forward the notification message to the network equipment;
When situation (a) occurs, the auxiliary node also sends the core network the reason why it failed to obtain the public IP address of the private network or the port mapping information of each network equipment;
When situation (b) occurs, the security gateway also sends the core network the reason why the swap between the NAT port number and the local port number of the network equipment failed;
When situation (c) occurs, the security gateway also sends the core network the reason why it failed to forward the notification message to the network equipment.
7. An IP address confirmation system for network equipment using network address translation (NAT), comprising a core network and a private network, characterized in that:
The core network is used to send the private network a command to obtain the public IP address of the private network and the port mapping information of the network equipment, and to send the private network, according to the obtained port mapping information of the network equipment, a message to obtain the private IP address of the network equipment; the core network is also used, after obtaining the public IP address of the private network and the private IP address of the network equipment, to send the private network a notification message containing the public IP address of the private network and the private IP address of the network equipment;
The private network is used, after receiving the command, to send the core network the public IP address of the private network and the port mapping information of each network equipment, and, after receiving the message to obtain the private IP address of the network equipment, to send the core network the private IP address of the network equipment.
8. The system of claim 7, characterized in that:
The core network comprises a public IP address acquisition module;
The private network comprises an auxiliary node, a security gateway and one or more network equipment;
The public IP address acquisition module is used to send the auxiliary node the command to obtain the public IP address of the private network and the port mapping information of the network equipment;
The auxiliary node is used, after receiving the command, to obtain from the security gateway the public IP address of the private network and the port mapping information of each network equipment, and to send the obtained public IP address of the private network and port mapping information of each network equipment to the core network;
The security gateway is used to store the public IP address of the private network in which it is located and the port mapping information of each network equipment.
9. The system of claim 8, characterized in that:
The core network also comprises a private IP address acquisition module, used to send the security gateway the message to obtain the private IP address of the network equipment, this message containing the port mapping information of the network equipment;
The security gateway is also used, after receiving the message to obtain the private IP address of the network equipment, to swap the NAT port number of the network equipment for its local port number and to forward the message to obtain the private IP address to the network equipment; it is also used, after receiving the message containing the private IP address and port mapping information of the network equipment, to swap the local port number of the network equipment for its NAT port number and to forward the message containing the private IP address and port mapping information to the core network;
The network equipment is used, after receiving the message to obtain the private IP address of the network equipment, to send the security gateway a message containing its private IP address and port mapping information.
10. The system of claim 8, characterized in that:
The core network also comprises a notification module, used to send the notification message to the security gateway, the notification message indicating to the network equipment that it can carry out message transmission based on the private IP address and the public IP address;
The security gateway is also used to forward the notification message to the network equipment.
11. The system of claim 8, 9 or 10, characterized in that:
If any of the following situations occurs, the IP address confirmation of the network equipment fails:
(a) the auxiliary node fails to obtain the public IP address of the private network or the port mapping information of each network equipment;
(b) the security gateway fails to swap the NAT port number and the local port number of the network equipment;
(c) the security gateway fails to forward the notification message to the network equipment;
The auxiliary node is also used, when situation (a) occurs, to send the core network the reason why it failed to obtain the public IP address of the private network or the port mapping information of each network equipment;
The security gateway is also used, when situation (b) occurs, to send the core network the reason why the swap between the NAT port number and the local port number of the network equipment failed;
The security gateway is also used, when situation (c) occurs, to send the core network the reason why it failed to forward the notification message to the network equipment.
Application number: CN200910159120.5A
Priority date: 2009-07-09
Filing date: 2009-07-09
Title: System and method for determining IP address of network equipment using network address translation
Status: Expired - Fee Related
Granted publication: CN101605154B (en)

Publications (2)

Publication Number    Publication Date
CN101605154A (en)    2009-12-16
CN101605154B (en)    2014-08-13

Family ID: 41470705

Country Status (1)

CN (1): CN101605154B (en)


Legal Events

Code    Title    Description
C06    Publication
PB01    Publication
C10    Entry into substantive examination
SE01    Entry into force of request for substantive examination
C14    Grant of patent or utility model
GR01    Patent grant
TR01    Transfer of patent right
    Effective date of registration: 20191225
    Address after: 314400 No.11, Weisan Road, Nongfa District, Chang'an Town, Haining City, Jiaxing City, Zhejiang Province
    Patentee after: Haining hi tech Zone Science and Innovation Center Co.,Ltd.
    Address before: 518057 Department of law, Zhongxing building, South hi tech Industrial Park, Nanshan District hi tech Industrial Park, Guangdong, Shenzhen
    Patentee before: ZTE Corp.
CF01    Termination of patent right due to non-payment of annual fee
    Granted publication date: 20140813
